Alpine/openvpn — 18 CVEs

Loading…

All known vulnerabilities

CRITICAL9.8CVE-2023-46850Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending ne…

from 0, < 2.6.7-r0

CRITICAL9.8CVE-2022-0547openvpn - security update

from 0, < 2.4.12-r0

CRITICAL9.8The Aviatrix OpenVPN client through 2.5.7 on Linux, macOS, and Windows is vulnerable when OpenSSL parameters are altered from the issued va…

from 0, < 0

CRITICAL9.1OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected a…

from 0, < 2.5.10-r1

HIGH8.8OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to create a named pipe which the OpenVPN GUI…

from 0, < 0

HIGH7.8openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory…

from 0, < 2.4.6-r0

HIGH7.5openvpn - security update

from 0, < 2.6.16-r0

HIGH7.5OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting…

from 0, < 2.6.16-r0

HIGH7.5openvpn - security update

from 0, < 2.6.7-r0

HIGH7.5OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured…

from 0, < 2.4.11-r0

HIGH7.5Arbitrary File Write exists in Aviatrix VPN Client 2.8.2 and earlier.

from 0, < 0

HIGH7.5OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet.

from 0, < 2.3.15-r0

MEDIUM6.9Improper validation of packet length during tls-crypt-v2 key extraction in OpenVPN 2.6.0 through 2.6.19 and 2.7_alpha1 through 2.7.1 allows…

from 0, < 2.6.20-r0

MEDIUM6.5openvpn - security update

from 0, < 2.3.15-r0

MEDIUM6.1A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7_alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash o…

from 0, < 2.6.20-r0

MEDIUM5.5Interactive service agent in OpenVPN version 2.5.0 through 2.6.16 and 2.7_alpha1 through 2.7_rc2 on Windows allows a local authenticated us…

from 0, < 0

MEDIUM4.3OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the val…

from 0, < 2.6.11-r0

LOW3.7An issue was discovered in OpenVPN 2.4.x before 2.4.9.

from 0, < 2.4.9-r0

pkg:Alpine/openvpn

✅ Check your installed version

All known vulnerabilities